System and Method for Creating a Secure Trusted Social Network

ABSTRACT

A system for a plurality of users to share resources with access, control and configuration based on pre-defined relationships of trust between the users of the system. A computer-based authority provides the services of authentication, identification and verification of each user within the network. Processes are described that lead to the formation of an electronic community, which facilitates electronic communication and transactions in a defined manner.

CROSS REFERENCE TO RELATED APPLICATION

This application is a continuation application of U.S. patent application Ser. No. 13/524,279 filed on Jun. 15, 2012, the entire content and disclosure of which is incorporated herein by reference.

BACKGROUND

The history of computing and network architecture can be viewed as a spectrum between a more centralized approach as demanded in a Client-Server environment and the decentralized approach of a User-to-User network. Both approaches have their strengths and weaknesses. Each approach has been used to build electronic communities and create various forms of computer services.

A simple example of a client-server environment is a website. A website is a service provided by a server (specifically, a web server). Computing devices can access the website by connecting to the server through a network connection (via the Internet or through a local area network). One problem associated with Client-Server environments is that the server and the bandwidth required to service the number of requests must also be able to scale with the growth of the number of clients.

User-to-user networks are a type of network in which each computing device connected to the network has equivalent capabilities and responsibilities. User-to-user networks are generally simpler, but they usually do not offer the same performance under heavy loads. Examples of User-to-User networks are file sharing networks such as Napster, E-donkey or Kazaa. Each of these services allows for direct connections between individual computing devices in the network to exchange files. The problem associated with User-to-User networks involves the lack of security, control and authenticity of the requested files. There are no limits on access to these networks and therefore users have no way to ascertain the quality or source of the received file.

A mixed Client-server and User-to-User system can be developed. For example, Fanning et al. (2002) created a centralized database to locate resources within a user-to-user network. However, Fanning et al. do not address the problems of security or control.

The present invention provides a solution to the problems of scalability of Client-Server environments and the security problems associated with User-to-User computing. The present invention uses a Client-Server environment to identify, authenticate and control the access to a User-to-User network. In addition, this invention applies the ideas of predefined social relationships to the access control of the user-to-user network to create a flexible and secure network.

The importance of social relationships and social networks was publicly recognized by Milgram (1967). A theory, known as the “Six degrees of separation” or “The Small World Problem”, suggests that anyone on the planet can be connected to any other person on the planet through a chain of acquaintances that has no more than five intermediaries. Based on this idea, Weinreich et al. (2001) created a process to build a database of linkages, and Quinn (2002) created a process to modify directory structures. However, neither Weinreich et al. (2001) nor Quinn (2002) deals with the issues of creating a flexible network based on the concept of social relationships in a user-to-user computing environment, and neither addresses the issue of identification and authentication when accessing network services.

The key element in the establishment of a social network is the implicit understanding of the concept of “trust” between known users of a social network. Trust is defined in Merriam-Webster's Dictionary as “assured reliance on the character, ability, strength, or truth of someone or something”. The nature of trust has proved to be elusive and has been discussed extensively in the context of philosophy. The practical implication of trust can be explained using game theory, human physiology and psychology and forms the basis of corporate strategy, and economics and sociology.

In the Republic (Plato, 390 BC), Plato suggests that trust exists because of the rules governing the transaction and the fear of punishment for disobedience. In this world view, self interest is the major component of trust. In contrast, other worldviews introduce the properties of innate goodness of humanity, sympathy or shared morality as the basis for trust. A clearer understanding of trust can be found in terms of applications and its impact on human transaction.

Strategic interactions among humans can be described using mathematics. This was first demonstrated by Von Neumann in 1944 in the field of game theory. In game theory, it can be shown that there is an optimum strategy for dealing with a given situation or confrontation and the strategy depends on the goals of rational participants. For example, there are different strategies depending on whether one's objective is to maximize the probability of achieving a goal, maximizing one's gains, minimizing one's losses or risk, or ensuring that one's opponent(s) suffers the greatest damage. A classical example of game theory is known as the “Prisoners' Dilemma” (Tucker, 1950) which established the value of trust among participants. In this problem, the best possible outcome for the group as a whole occurs if each user trusts each other. In contrast, the worst possible results for the group occur when each user acts in their own interest.

Social organizations both formal and informal are a trait shared by all human beings. Every member of a society exists within a network of pre-existing relationships of trust. Interaction between relatives, family and kin can be explained based on a biological imperative. By including the element of trust in the psychological development of man, explanation of human interactions can be extended to friends and other users within a group, businesses, community and even nations. The key elements required for trust in a sociological context include an expectation of future cooperation and a sense of reciprocity.

Trust is also recognized as a valuable component of business strategy. Trust exists within the human behaviour spectrum of confidence (result of specific knowledge built on reason and facts) and faith (belief that is largely immune to contradictory information or events). Trust for an individual can be characterized as a belief that those on whom we depend will fulfill our expectations of them. In a sense, therefore, predictability of behaviour engenders trust. For individuals, varying levels of trust can be established based on fulfilling expectations, acting with integrity and being empathetic.

The concept of trust is also a key element in the theories of macro-economics. In this context, trust can be characterized as an expectation within a community that users of the community will exhibit regular, honest, and cooperative behaviour, based on commonly shared norms. The existence of trust creates social capital, which in turn determines the size of firms, businesses and even economies. Therefore, it is known that one skilled in the art would appreciate that communities of individuals exist where the level of trust accorded to members of that community is greater than that given to the public at large based on the criterion of membership to that community. This could apply to a boy scout troop, a sports group, a family, to citizens living in a small town or county or even to groups based on ethnicity, race, language, religion or other criteria where a higher level of trust is given to members of the community than to the general public.

The novelty in this invention is the realization that acceptable social behaviour or trust can be codified as a criterion and used to create a security rule, and through its implementation can create a secure electronic community. For example, the simple criterion of “I trust my friends and allow them access to my computing device” can be extended to include “I trust friends of my friends and allow them access” and this logic can be extended recursively until the list of friends and extended friends is exhausted. In this case, the criteria also include the degree of separation between the members of the community. A user might be willing to trust the friends of their trusted friends but not their friend's friend's friend. The underlying social expectation, a friend's trust, forms the security rule for this network. The trust that forms the basis of social relationships can also be found in the workplace. In these cases, the implicit trust is based on the roles of an individual. For example, the CEO of a company allows the vice presidents permission to access a company resource. The vice presidents can allow their managers access to the same resource without the intervention of the CEO or another central administrator. The implications for this type of network are that each user, through his/her role within an organization, is responsible and can make resource access decisions. This role-based trust can once again form the basis of the security rule for establishing the network.

As a result, the present invention provides a new approach to connecting computing devices and allows them to interact in a secure and acceptable manner which is based on the roles and social connections of the users. The reach and extent of the resulting network can be adjusted according to the preference of the user.

SUMMARY OF THE INVENTION

An object of the present invention is to provide a system for a plurality of users to share resources. In accordance with an aspect of the present invention, there is provided a system for a plurality of users to share resources comprising one or more software clients, each of said software clients installed on a computing device; one or more trusted servers; one or more communication means allowing communication between said one or more trusted servers and said one or more software clients, said trusted servers comprising: a network interface operable to receive data packets from the software clients and further operable to send processed data packets to the software clients; a processing engine in communication with the network interface, said engine operable to associate each data packet with an identifier and to thereby provide said processed data packets; a database containing an identifier associated with each software client in said system, and wherein each identifier in said database is related to each other identifier by means of a criterion.

In accordance with another aspect of the invention, there is provided a system for a plurality of users to share resources, said system produced by the process of providing a software client to a first user for installation on a first computing device; receiving a first set of data packets relating to said first user from said software client to trusted servers via one or more communication means; compiling a database of said first data packets; receiving a second set of data packets relating to at least one second user with whom said first user has a pre-existing relationship defined by a criterion; adding said second set of data packets to the database and relating said second set of data packets to said first set of identifying data by means of said criterion; and providing the software client to the second user for installation on a second computing device; wherein, said first, second, or new user can repeat steps b to f resulting in additional users being added to said system.

In accordance with another aspect of the invention there is provided a method to search for information, resources or services contained on the computing devices connected to a system for a plurality of users to share resources, based on the properties of the object as well as a criterion as specified by the user, wherein the search type includes: a query through the software client including identification information of the initiator of the search, which is passed from trusted client to trusted client; a query through the software clients where requests and responses are passed from one software client to another; or a query through the trusted servers 3 whereby the trusted servers 3 perform the searching of trusted users.

The system is a network of computing devices designed to permit users to share resources. Users are understood to be human beings. Resources can include without being limited to: data, digital files, memory, processing power, and storage space. A computing device would be understood by a worker skilled in the art to include any electronic device with storage and computing capability and a communication means with which to communicate with other computing devices. Computing devices may include but are not limited to computers, cell phones, mp3 players, pagers, gaming consoles, handheld gaming devices, wireless devices, and personal digital assistants. The communications means would be understood by a worker skilled in the art to include any necessary elements of hardware, including but not limited to communications ports, wireless transmitter/receivers, wires or fibre optics; and software, including but not limited to telephony, e-mail, facsimile, Bluetooth®, TCP/IP, FTP, XML, and IRC, that allow a computing device to exchange data packets with another computing device.

Access, control and configuration of the system are based on user-defined social relationships. Trusted servers provide the services of authentication, identification and verification for each user within the network. The trusted servers are computing devices connected to the network that can identify, verify and authenticate users of the network. This process defines who the users are, for example by means of a login and password, and where they are located in terms of the network, for example an IP address. The trusted servers can confirm these facts as part of an authentication process. Information regarding each user registered with the system is stored on the trusted servers for authentication and identification purposes.

A software client installed on each computing device connected to the network acts as an interface to allow the user to communicate with the trusted servers and other computing devices. Access to the system is controlled by the users who can invite members of their trusted social network to join the system. Once invited, a new user can download the software client, access the network and invite new members. Processes are described that lead to the formation of an electronic community, which facilitates communication between computing devices connected to the system and transactions between those computing devices in a defined manner.

As each user is added to the system they are assigned a criterion N, which can be defined as the degree of separation between the users. Users can be assigned other criteria such as whether they are trusted by another user. By means of these and other criteria every user on the system can be identified relative to every other user on the system. For example, User A invites a trusted friend, User Z, to join the system. User A and User Z have a degree of separation of 0, thus N=0. If User Z invites another trusted friend, User Z1, to join the network then User Z and User Z1 will have a degree of separation of 0 and User Z1 and User A will have a degree of separation of 1. Users of the system can define the degree of separation that they are willing to allow access to the resources on their computing device. If User A wishes to restrict access only to his friends he or she sets N to equal 0. The effect of different definitions of N is explored in the following table:

TABLE 1. An example of network access based on degrees of separation.

Degree of Separation (N)     Description
0                            A trusted network, only friends can connect
1                            Only friends of trusted friends can connect
2                            Friends of trusted friends' friends can connect
. . .                        . . .
N is a very large number     Everyone who has social relations on the network can connect
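The degree-of-separation rule described above, as an added example that is not part of the original patent text: a Python sketch of how a trusted server could evaluate a resource owner's N against its relationship database, including what happens when a link is later removed. The class, method and user names are hypothetical, and treating N as a maximum (separation no greater than N) and denying access when an owner has set no N are assumptions.

```python
from collections import deque


class TrustDirectory:
    """Hypothetical stand-in for the relationship database on the trusted servers."""

    def __init__(self):
        self._friends = {}   # user -> set of users with a confirmed relationship
        self._max_n = {}     # resource owner -> largest degree of separation allowed

    def link(self, a, b):
        # Record a confirmed, two-way relationship of trust.
        self._friends.setdefault(a, set()).add(b)
        self._friends.setdefault(b, set()).add(a)

    def unlink(self, a, b):
        # Removing one link also removes every chain that ran through it.
        self._friends.get(a, set()).discard(b)
        self._friends.get(b, set()).discard(a)

    def set_policy(self, owner, n):
        if n < 0:
            raise ValueError("N must be 0 or greater")
        self._max_n[owner] = n

    def separation(self, src, dst, limit=None):
        """Degree of separation along the shortest chain, using the page's
        convention that direct friends have N = 0. Returns None when there is
        no chain, or none within `limit`. The search is breadth-first and is
        cut off at `limit`, so a large network is never walked in full."""
        seen = {src}
        queue = deque([(src, 0)])          # (user, hops from src)
        while queue:
            user, hops = queue.popleft()
            if limit is not None and hops > limit:
                break                      # anything found from here exceeds N
            for friend in self._friends.get(user, ()):
                if friend in seen:
                    continue
                if friend == dst:
                    return hops            # hops + 1 links means degree = hops
                seen.add(friend)
                queue.append((friend, hops + 1))
        return None

    def may_access(self, requester, owner):
        """Apply the owner's N to a request for the owner's resources."""
        if requester == owner:
            return True
        n = self._max_n.get(owner)
        if n is None:
            return False                   # assumption: no policy means deny
        return self.separation(owner, requester, limit=n) is not None


def build_demo():
    # Constructed sample data: A invited Z, Z invited Z1, Z1 invited Z2.
    d = TrustDirectory()
    d.link("A", "Z")
    d.link("Z", "Z1")
    d.link("Z1", "Z2")
    d.link("A", "B")
    d.set_policy("A", 1)    # A accepts friends and friends of friends
    d.set_policy("Z1", 0)   # Z1 accepts direct friends only
    return d


if __name__ == "__main__":
    d = build_demo()
    for user in ("Z", "Z1", "Z2", "M"):
        print(user, "-> A:", d.may_access(user, "A"))
    d.unlink("Z", "Z1")
    print("Z1 -> A after Z drops Z1:", d.may_access("Z1", "A"))
```

Each decision depends on the owner's own N, so access is not symmetric: Z1 can reach A's resources under A's N of 1, while A cannot reach Z1's under Z1's N of 0.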

Once users are connected based on their defined properties, they can communicate and share services and resources. Some examples include: transfer and exchange of electronic files, transfer or exchange of text messages and/or transfer and exchange of voice data.

Alternatively, in a business or professional environment, the social relationships are replaced by roles that are defined by the position/role and responsibility. The same trust and security issues exist and can be used to form a network using the present invention.

BRIEF DESCRIPTION OF THE FIGURES

Further features of the invention, its nature and various advantages will be more apparent from the accompanying drawings, and the following detailed description in which like reference numerals refer to like elements and in which:

FIG. 1 is a description of Terms and Symbols used in process diagrams, in the process details and in the flowcharts.

FIG. 1A is a table listing a description of terms and symbols describing flows of information in the process diagram and in the flow charts.

FIG. 1B is a process diagram for setting up the Network.

FIG. 2 is a flowchart diagram for setting up the Network.

FIG. 3 is a process diagram describing the situation where a new user is referred and contacted through trusted servers 3.

FIG. 4 is a flow chart describing the situation where a new user is referred and contacted through the trusted servers 3.

FIG. 5 is a process diagram describing the case when a user refers their friends to the trusted servers 3.

FIG. 6 is a flow chart describing the situation where a user refers his friend to the service.

FIG. 7 is a process diagram describing the case when a user establishes a relationship with another user of the network.

FIG. 8 is a flowchart describing the case when a user establishes a relationship with another user of the network.

FIG. 9 is a process diagram describing the process of logon to the network.

FIG. 10 is a flow chart describing the logon process.

FIG. 11 is a process diagram describing the process to logon to the network.

FIG. 12 is a flow chart describing the situation where the client logs off from the network gracefully.

FIG. 13 is a process diagram describing the situation where the client logs off from the network suddenly.

FIG. 14 is a flowchart describing the situation of sudden client logoff from the network.

FIG. 15 is a process diagram describing searching through other trusted clients with information passing directly back to the initiator.

FIG. 16 is a flow-chart diagram describing the process of searching through other trusted clients with information passing directly back to the initiator.

FIG. 17 is a process diagram describing the process of searching through other trusted clients with some degree of privacy.

FIG. 18 is a flow chart describing the process of searching through trusted clients with some degree of privacy.

FIG. 19 is a process diagram describing the process of searching through the trusted servers 3.

FIG. 20 is a flow chart describing the process of searching through trusted servers 3.

FIG. 21 is a process diagram describing the process of transfer/exchange/communication through the network.

FIG. 22 is a flow chart describing the process of transfer/exchange/communication through the network.

FIG. 23 is a process diagram describing the process of transfer/exchange/communication through the network.

FIG. 24 is a flow chart describing the process of transfer/exchange/communication through the network.

FIG. 25 is a process diagram describing the process of service delivery through relay.

FIG. 26 is a flow chart describing the process of service delivery through relay.

FIG. 27 is a process diagram describing the process of remote client access.

FIG. 28 is a flow chart describing the process of remote client access.

FIG. 29 is a process chart demonstrating an example of a file transfer through a trusted social network.

FIG. 30 is a process chart demonstrating an example of photo file sharing through a trusted social network.

FIG. 31 is a process chart demonstrating an example of video file sharing through a trusted social network.

FIG. 32 is a process chart demonstrating an example of remote access and file sharing through a trusted social network.

FIG. 33 is a process chart demonstrating a transaction based electronic markets on a trusted social network.

FIG. 34 is a process chart demonstrating an electronic market based on the transfer of digital rights.

FIG. 35 is a process chart demonstrating an example of extending the electronic market to include identifiable non-digital goods.

FIG. 36 is a process chart demonstrating an example of auction over a trusted network.

FIG. 37 is a process chart demonstrating a reverse auction on a trusted social network.

FIG. 38 is a process chart demonstrating an application of instant messaging (IM) services on a trusted social network.

FIG. 39 is a process chart demonstrating Voice Over Internet Protocol (VOIP) services on a trusted social network.

FIG. 40 is a process chart demonstrating Interactive Video services on a trusted social network.

FIG. 41 is a process chart demonstrating an application of electronic resource sharing on a trusted social network.

FIG. 42 is a process chart demonstrating a process for non-electronic resource sharing on a trusted social network.

FIG. 43 is a process chart demonstrating a process for non-electronic resource sharing on a trusted social network where delivery of the resource is managed physically by a trusted user.

FIG. 44 is a process chart demonstrating information collaboration and management on a trusted social network.

FIG. 45 is a process chart demonstrating playing games on a trusted social network.

FIG. 46 is a process chart demonstrating advertising to users through a trusted social network.

FIG. 47 is a process chart demonstrating the use of a trusted social network in the multi-level marketing industry.

FIG. 48 is a process chart demonstrating the use of a trusted social network in the process of film production.

FIG. 49 is a process chart demonstrating the use of a trusted social network in film festivals.

FIG. 50 is a process chart demonstrating the use of a trusted social network in the medical industry.

FIG. 51 is a process chart demonstrating the use of a trusted social network in the retail music/movie industry.

DETAILED DESCRIPTION OF THE INVENTION

The following description is presented to enable any person skilled in the art to make and use the invention, and is provided in the context of a particular application and its requirements. Various modifications to the disclosed embodiments will be readily apparent to those skilled in the art, and the general principles defined herein may be applied to other embodiments and applications without departing from the spirit and scope of the present invention. Thus, the present invention is not intended to be limited to the embodiments shown, but is to be accorded the widest scope consistent with the principles and features disclosed herein.

Process diagrams provide a high level view of the entire process. The system is comprised of various steps outlined below, with the numbers in brackets representing the corresponding steps in the detailed process description and the corresponding flowchart:

Setup (0000-0100)

Propagation (0100-0499)

New User Contacted Through trusted servers (0100-0499)

Direct User-to-User Contact (0300-0402)

Linking known clients (0400-0499)

Logon-Logoff from Client (0500-0799)

Logoff gracefully (0600-0699)

Logoff suddenly (0700-0799)

Searching (4000-499)

Searching through trusted Client (4000-4099)

Searching through Location Server (4100-4250)

Transfer/Exchange/Communications (5000-5999)

Remote access (6000-6099)

FIG. 1A is a chart that defines the symbols used in the process charts and is meant to assist the worker skilled in the art in conceptualizing the invention.

Setup (0000-0100)

Referring to FIG. 1B there is generally shown an overview of the setup process for the system. The user 1, a human being, uses a computing device 2. The computing device 2 has a software client installed on it, which is supplied from a legitimate source, namely the trusted servers 3. The user 1 uses the software client to connect to the trusted servers 3 and the rest of the network. The software client can run on any computing device that has the capacity to store and process digital information and one or more communication means. The user 1 of a computing device 2 communicates with the trusted servers 3 by means of a communications means 4, downloads the connection or “client” software, completes the setup process and is designated as User A 1. FIG. 2 is a representation of the same process as a flowchart. Descriptions of the steps required in the process are as follows. In steps 0010A to 0010C of the process, the user 1 contacts the trusted servers 3 through an appropriate communication service 4 and downloads the software client 6. After the installation of the software client 4, the user 1 can now be known as User A 1. Communication service 4 represents any means of contacting the trusted servers 3 which includes, for example, telephony, e-mail, instant messaging (IM), mail, fax, or Web (HTTP). Once the software client 6 is installed, step 0020 is for User A 1 to activate the software client 6. The software client 6 queries User A 1 for setup information (D0020). Setup information (D0020) contains at least the contact information for User A 1 (e.g. telephone number, e-mail, mailing address). Examples of additional information include but are not limited to demographics, occupation, and other points of contact. User A 1 enters the required setup information D0020 which is sent through communication service 4 to trusted servers 3.
In steps 0030A and B, trusted servers 3 receive the setup information (D0020) and send an automatically generated authentication message (M0030) to User A 1 based on the contact information specified in D0020. This step represents a confirmation of contact information provided by the software client 6. In step 0040, User A 1 receives the message. User A 1 now has a choice of actions after receiving information (M0030) from the trusted servers 3. In step 0045 User A 1 accepts the terms and conditions of use, and, in step 0046, sends acceptance to trusted servers 3. The trusted servers 3 then create an account for User A 1. In step 0050B, User A 1 declines to accept the terms and conditions of use for the network, and this refusal is sent to the trusted servers 3. The trusted servers 3 note that User A 1 has abandoned the signup process. In steps 0055A to E User A 1 does not act on Message (M0030) after a set period of time. The trusted servers assume that the application has been abandoned. Alternatively, steps 0060A and B assume that the authentication message (M0030) was returned to trusted servers 3 with an error condition for message delivery. Examples of error conditions include but are not limited to a bounced back e-mail, a busy signal on a telephone or a returned mailing. In step 0065 the trusted servers 3 take note of the failure and react accordingly.

Propagation (0100-0499)

Propagation describes the process of how a user, in this case User A, signs up one user whom they trust through some form of existing relationship (e.g. friends, family, co-workers). This process can be repeated indefinitely to build up a list of trusted clients for User A. User A can define a trusted client in three ways:

-   ask the trusted servers to contact a new user;
-   redirect a new user to the trusted servers; or
-   link two users already on the network.

Each of these scenarios will be described in more detail as follows.

New User Contacted Through Trusted Servers (0200-0299)

With reference to FIG. 3, a user of the network, User A 1, initiates the process by sending contact information of a trusted individual to the trusted servers 3. The new user, in this case defined as User Z 7, is contacted by the trusted servers 3 and prompted to sign up for the service. User Z 7 is a person with whom User A 1 has a pre-existing relationship of trust either through a social network or through predefined roles. With reference to FIG. 4, in step 0200 User A 1 logs on to the network and sends a message (D0200) to the trusted servers 3. Message D0200 should contain, at the minimum, contact information for another trusted User Z 7, as defined by User A 1 (for example, telephone number, e-mail, etc.). This is the start of the referral process for a new user, in this case, referred to as Z, a trusted user defined by User A 1. In step 0210 the trusted servers 3 receive message D0200 and initiate the referral process. In step 0215, the trusted servers 3 send a message (M0215) to User Z 7, through an appropriate communication service 4 (as defined by the contents of message D0200) inviting User Z 7 to obtain the software client 6 from the trusted servers 3. The message (M0215) should contain but is not limited to the following: Greetings, Explanation of Service, How to Download Software Client from trusted servers. In step 0220, User Z 7 receives message (M0215), and then downloads and installs the software client 6. In step 0225 User Z 7 proceeds through the setup process defined above by steps 0020-0070. Once this process is complete, in step 0250, the trusted servers 3 send a confirmation message (M0250) back to User A 1 indicating that User Z 7 is now a user of the electronic community. Step 0280 is the end of the new user signup process.

Direct User to User Contact (0300-0399)

In this case, the new user is contacted by another user directly and prompted to sign up for the service. With reference to FIG. 5 User A 1 refers User Z 7 to a website where the software client can be downloaded and the User Z 7 goes directly to this website. The details follow and the accompanying flow chart is shown in FIG. 6. In step 0300 User A 1 sends a message (D0300) through an appropriate communication means 4 to a trusted user, User Z 7, to tell them to sign up onto the network. Message (D0300) contains at least the location where User Z 7 can download the software client 6. In steps 0302A to C User Z 7 receives Message (D0300), connects to the trusted servers 3 and proceeds through the Initial Setup process as discussed above in steps 0010-0100. In steps 0310A to C, after the account is set up, the User Z 7 proceeds to define his or her relationship with User A 1 as outlined in process 0400-0499 above.

Linking Users Already on the Network (0400-0499)

In this case, a user wishes to establish a linkage with another user that is already on the network. With reference to FIG. 7 both User A 1 and User Z 7 are users of the network who are not already related and want to establish a direct relationship. User A 1 sends a message to the trusted servers 3, defining User Z 7 as a trusted user. User Z 7 can accept or reject this new definition, by communicating with the trusted servers 3. With reference to FIG. 8, in step 0402, User A 1 sends data (D0402) to trusted servers 3 defining User Z 7 as a trusted user. Data (D0402) is information that contains at least the network identification or other type of unique identifying information of User Z 7. In step 0410, the trusted servers 3 receive data (D0402) and send message (M0410) to User Z 7 notifying them of a request to create a relationship with User A 1. In step 0420 User Z 7 receives message (M0410) and then takes one of several actions. In step 0422, User Z 7 accepts the request and sends acceptance (D0422) back to the trusted servers 3. In step 0424, User Z 7 declines the request and sends refusal (D0424) back to the trusted servers 3. Finally, in steps 0426A to E, User Z 7 ignores the request and the request is considered to have been refused after a set time. In step 0430, the trusted servers 3 relay the action of User Z 7 to User A 1 and also note the action for the authentication and identification service.
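The linking exchange in steps 0402 to 0430, as an added example that is not part of the original patent text: a Python sketch of the server-side state a trusted server could keep so that a relationship exists only after the named user accepts, and an ignored request counts as refused. All names are hypothetical, the length of the "set time" is a constructed value, and the rule that only the named target may answer is an assumption about how the request would be enforced.

```python
from dataclasses import dataclass

PENDING, ACCEPTED, REFUSED = "pending", "accepted", "refused"


@dataclass
class LinkRequest:
    requester: str        # User A in the description
    target: str           # User Z in the description
    created: float        # time the request (D0402) was received
    state: str = PENDING


class LinkService:
    """Hypothetical server-side handler for steps 0402-0430."""

    def __init__(self, ttl_seconds):
        self.ttl = ttl_seconds   # the "set time" after which silence is refusal
        self.requests = {}       # (requester, target) -> LinkRequest
        self.trusted = set()     # frozenset({a, b}) for each confirmed link
        self.audit = []          # what step 0430 notes for the authentication service

    def request_link(self, requester, target, now):
        # Steps 0402/0410: record the request; nothing is trusted yet.
        if requester == target:
            raise ValueError("a user cannot link to themselves")
        req = LinkRequest(requester, target, now)
        self.requests[(requester, target)] = req
        self.audit.append((now, requester, target, "requested"))
        return req

    def respond(self, responder, requester, accept, now):
        # Steps 0422/0424: the lookup key includes the responder, so only the
        # user named in the request can answer it, and only while it is pending.
        req = self.requests.get((requester, responder))
        if req is None or req.state != PENDING:
            return None
        if now - req.created > self.ttl:
            return self._close(req, REFUSED, now, "timeout")
        if accept:
            return self._close(req, ACCEPTED, now, "accepted")
        return self._close(req, REFUSED, now, "declined")

    def sweep(self, now):
        # Steps 0426A-E: requests ignored past the set time are refused.
        for req in self.requests.values():
            if req.state == PENDING and now - req.created > self.ttl:
                self._close(req, REFUSED, now, "timeout")

    def _close(self, req, state, now, reason):
        req.state = state
        if state == ACCEPTED:
            self.trusted.add(frozenset((req.requester, req.target)))
        # Step 0430: the outcome is relayed to the requester and noted.
        self.audit.append((now, req.requester, req.target, reason))
        return state

    def is_trusted(self, a, b):
        return frozenset((a, b)) in self.trusted


if __name__ == "__main__":
    svc = LinkService(ttl_seconds=3600)          # constructed timeout value
    svc.request_link("A", "Z", now=0)
    print(svc.respond("M", "A", True, now=10))   # None: M was not asked
    print(svc.respond("Z", "A", True, now=20))   # accepted
    print(svc.is_trusted("A", "Z"))              # True
```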

Logon to the Network with a Client (0500-0599)

The situation for logon to the network from a client is summarized in FIG. 9. The details of the process are shown in steps 0500-0599 and a flowchart in FIG. 10. In step 0502, User A 1 activates software client 6. In step 0506, the software client 6 contacts the trusted servers 3 through an appropriate communication service 4 and sends the Identification Information (D0506), which can include but is not limited to a UserID and a Password. Additional information that can be provided is, for example, contact information (e-mail, communication port, IP address), N (Level of trust) and a list of trusted users (L0506). In step 0507, User A 1 undergoes an authentication process on the trusted servers 3, wherein the authentication process includes at the minimum comparing UserIDs and passwords. Additional parameters can include, but are not limited to, biometrics, usage information and other types of metrics that are designed to verify the identity of User A. In step 0520, User A's 1 identity is verified. Then, in step 0525, the trusted servers 3 generate information and instructions (M0520) which are sent to the Location Service 8, a software program. The information and instructions (M0520) include at the minimum UserID and a list of trusted users for the particular User. The Location Service 8 is a specialized service that knows the connection point of each user on the network. The Location Service 8 is handled by a Location Server which is considered to be one of the trusted servers 3. For the purposes of this example, connection point is defined at the minimum as a socket connection for a TCP/IP network. In steps 0530A to E, the Location Service 8 goes through a list and determines which trusted users 7, 9, 10, 11 of User A 1 are currently on the network. The connection points of the users are summarized in a list (LIST0530). In step 0540, the Location Service sends list (LIST0530) back to User A 1. In step 0550, the list (LIST0530) has been received and User A 1 can now connect to each of the trusted users on the list if necessary. The trusted users for A that are currently not on the network are identified as “not available”. In step 0560, the Location Service also goes through list (LIST0530) and notifies each user of the list, namely, User Z 7, User B 9, User D 10, and User C 11, that User A 1 is now available on the network. Alternatively, in step 0550, User A's 1 identity is not verified and the trusted servers 3 will not allow software client 6 to proceed further. Step 0599 is the end of the logon process.

Logoff (0600-0799)

There are two ways to logoff or disconnect from the network. The two ways are:

- Logoff gracefully—when the user can exit the program using a series of predefined steps.
- Logoff suddenly—when the connection was terminated abruptly.

Each of those steps is described in this section.

Logoff Gracefully 0600-0699

The process details to logoff from the network gracefully are summarized in FIG. 11. The details of the process are given in steps 0600-0699 and a flow diagram is given in FIG. 12. The graceful logoff process begins at step 0602, where User A 1 decides to logoff from the network and follows the standard logoff procedure. In this discussion, the logoff procedure includes but is not limited to suspending all activities and saving all key configurations. In step 0604, User A 1 uses the software client 6 to send a command to logoff from the network (D0604) to the trusted servers 3. In step 0605, the trusted servers 3 execute the logoff procedure for User A 1. The trusted servers 3 also inform the Location Server 8 that User A 1 is logging off. In step 0607, the Location Server 8 executes procedures to inform all the trusted Users with n=0 connected to User A 1 that User A 1 will be unavailable. For example, User Z 7 will be informed that User A 1 is no longer available. In step 0610, the Location Server 8 sends a message to the trusted servers 3 that User A's logoff procedure is completed. In step 0620, the trusted servers 3 send a message to the software client of User A 1 that it is allowed to shut down. In step 0675, the software client of User A 1 completes the shutdown routine.

Logoff Suddenly 0700-0799

The process details for when a client suddenly logs off from the network are summarized in steps 0700-0799. A process diagram for those steps is given in FIG. 13 and the corresponding flow diagram for this process is given in FIG. 14. In step 0700, User A 1 is suddenly disconnected from the trusted servers 3 (i.e. the connection point between the location server 8 and the software client 6 is severed, for example, due to an equipment or power failure). In step 0720, User A 1 attempts to reconnect to the trusted servers 3. The number of attempts is defined by a set condition, such as a finite number of attempts or a defined period. In step 0730, the attempt to contact fails. At this point, in step 0735, User A 1 executes the logoff procedure. In step 0740, the Location Server 8 executes procedures to inform all the trusted users connected to User A 7, 9, 10, 11 that User A 1 will be unavailable. In step 0745, the Location Server 8 sends a message to trusted servers 3 that User A's 1 logoff procedure has been completed. As a result, in step 0750, the trusted servers 3 note that User A 1 is not on the network. Alternatively, in step 0760, User A 1's attempt to re-connect with the trusted servers 3 succeeds. In step 0765, the trusted servers 3 note the new connection point for the User and, in step 0770, start process 0525-0560 to inform User A 1's trusted users 7, 9, 10, 11 that User A 1 is again available. Step 0799 is the end of the sudden logoff process.

Searching 4000-4999

There are three ways of searching or discovering resources through the network. The processes are defined as:

- Query through trusted clients including identification information
- Query using relays
- Query through the trusted servers

All three processes have their advantages and disadvantages and are not mutually exclusive; that is, they can be used in conjunction with each other to search the network. The novelty of this searching mechanism is that the search is carried over a trusted social network. The implicit assumption is that the social relationship provides a predefined domain that is better suited to answer the query.

Searching Through Trusted Clients Including Identification Information 4000-4099

In this case, the search is carried out on the trusted social network with the user identification being transmitted along with the query. The process details for searching through trusted clients are summarized in steps 4000-4099. The process diagram is given in FIG. 15 and the corresponding flow chart is given in FIG. 16. FIG. 15 is an example of a search carried out through three degrees of separation (N=3). User A 1 initially sends out a query to search through N=3 on the network. User A 1 therefore is known as the initiator of the query. For this case, the query is sent to User Z 7 and User B 9. They in turn send the query from User A 1 to their list of trusted users. From the perspective of User A 1, the search depth has now increased by one level and the search is now defined as a search of one degree of separation (N=1). This search continues through all the trusted users of User A 1's network until the depth of N=3 is reached. In each case, the local machine 2 of each user is searched to see if the objective of the query can be satisfied. For this example, User C 11, who is N=3 levels away from User A 1, can answer the query and therefore can reply directly to User A 1, the initiator. In this example, User D 10, who is authorized to be on the network but bears no social relationship to User A 1, will not be queried. This example clearly shows the novelty of such searches on a social network.

With reference to FIG. 16, in step 4010, User A 1 sends a message (M4010) containing a search query, the degree of separation (N) and identification information to each of the trusted users on the network. User A 1 is known as the initiator of the query. The search query can be, but is not limited to, a text string, file descriptors, commands or instructions. In step 4012, the message is sent to one of the trusted users of A, for example User Z 7. In step 4014, User Z 7's software client decreases the parameter N by 1. Then, in step 4016, it checks whether N is less than 0 and, if so, goes to step 4022, performing a query of the system of User Z 7. Then, in step 4020, the client of User Z 7 sends a new message with the initial query and the new value of N to the trusted users defined by User Z 7. These steps generate a recursive process that will search through all the clients related to User A 1 by N degrees of separation. In step 4025, if the query is successful, message M4025 is sent to the original querier. In this case, User C 9 sends back a message to User A 1. Message M4025 includes, but is not limited to, the location and availability of the object and the parameter N. Alternatively, in step 4030, the query is unsuccessful and the search ends on that particular machine. In either case, step 4099 is the end of the search.

Query Using Relays 4100-4250

There are situations when the user wants to remain known only to those the User trusts. In this case, the identification information should not be passed on through the trusted network. The result can be passed back through each trusted User. The process details for searching through the location server are summarized in steps 4100-4250. The process diagram is given in FIG. 17 and a flow chart is given in FIG. 18. In FIG. 17, User A 1, the initiator of the query, performs a search that is defined for three degrees of separation (N=3). In this case, User A 1 sends the query to two trusted users, User Z 7 and User B 9. Both User Z 7 and B 9 keep an internal record of the query and then pass on the query to the trusted users on their list. For example, User Z 7 passes the query to Z1 12 and Zn 2. This process continues until the degree of separation of three (N=3) is reached. In each case, the User performs a search on their own local resources to see if they can satisfy the query and records the originator of the query. In this example, User Z3 14 is finally reached and a local search on Z3's 14 system indicates that Z3 14 has an answer. The answer to a query is passed back to the immediate user that submitted the query—in this case, User Z2 13. This process continues through the network until the initiator, in this case, User A 1, receives the answer. In this example, User Z3 14 passes the answer back to User Z2 13, who in turn passes the information back to Z1 12. Z1 12 passes back to Z 7 and finally Z 7 responds to User A 1.

In this method, only those that are directly related to the initiator know the information about the query. The local system for each User must maintain information on who requested the information and who has answered the query. With reference to FIG. 18, in step 4100, User A 1 sends a message (M4010) containing a search query, the degree of separation (N) and query identification information to each of the trusted users on the network. The search query can be, but is not limited to, a text string, file descriptors, commands or instructions. For the purposes of this example, degree of separation (N) defines the number of extended friends that are to be queried. The query identification information includes but is not limited to a unique identifier of a query, the originator of the query and the recipient of the query. In this case, User A 1's question Q1 is sent to User Z 7. In step 4102, the software client creates a tracking list (L4101) of trusted users that were asked the question. For example, User Z 7 and User B 9 were asked the question Q1. In step 4113, on one of the trusted users of A, for example User Z 7, the software client creates a list to track the trusted users (L4113) that are searched to respond to a query. For example, all the trusted Users for Z 2, 12, 13, 14 that are queried about Q1 from User A 1. In step 4114, the software client decreases the parameter N by 1. In step 4016, the software client checks if N is less than 0. If N is greater than 0, then the software client proceeds to step 4122, below, and, in step 4018, sets the query identification to be that of the local client. In this case, the new query identification is now User Z 7 and Q1. In step 4020, the software client sends a new message from User Z 7, with the new query identification information and the new value of N, to each of the trusted users as defined by User Z 7. For example, a search message to User Z1 12 and a search message to User Zn 2. In step 4021, the software client creates an entry on the list (L4113) for each query sent to each particular trusted User of Z 7. If, in step 4016 above, N is less than 0, then the software client does not forward the query on to further trusted users. This series of steps generates a recursive process that will search through all the clients related to User A 1 by N degrees of separation.

Once the above chain of steps is completed, the software client moves on to step 4122 and performs the query on the local system . . . If the query is successful, the software client moves to step 4125 and sends a message (M4125) to the trusted User that requested the information based on the query identification information. For example, User Z3 14 sends message M4125 back to User Z2 13 that the search was successful. Message M4125 includes, but is not limited to, the location and availability of the object that is separated by N=0. If the query is unsuccessful on the local machine, the software client sends a message (M4130) back to the contact as specified in the query identification information. Message M4130 should indicate at a minimum “Not successful”. In step 4140, the software client of the user that initiated the request checks to see if the message is 4125 (successful query) or 4130 (unsuccessful query). In step 4145, a software client that receives the message 4130 deletes this entry from the tracking List L4113. In step 4150, the software client that receives message 4125 (successful query) searches on list L4113 to see who made the query and sends a response back to this initiator on the success of this query. This information is relayed from one trusted user to another until the original initiator of the query is contacted. As outlined in the process diagram, User Z3 14 can satisfy User A 1's query. User Z3 14 sends an affirmative message back to Z2 13. Z2 13 searches on his list L4113 to see that Z1 12 made the query. Z2 13 then informs Z1 12 that Z2 13 has an answer. This process continues until User Z 7 informs User A 1 that an answer to the query is available. At this point User A 1 can access the information on User Z3's 14 system using the process described elsewhere in this specification.
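The relay search of steps 4100-4250 can be simulated to check the privacy property it claims, namely that only the initiator's direct contacts ever see the initiator's identity. The following is an added example, not code from the patent: the class and function names, the mutual-trust assumption, the duplicate-query rule and the resource name are all assumptions made for illustration, and the topology follows the FIG. 17 description.

```python
from dataclasses import dataclass, field

SUCCESS, FAILURE = "M4125", "M4130"  # reply message labels used in the text


@dataclass
class Client:
    name: str
    trusted: list = field(default_factory=list)    # directly trusted users
    resources: set = field(default_factory=set)    # what a local search can find
    requester: dict = field(default_factory=dict)  # query id -> who asked this client
    asked: dict = field(default_factory=dict)      # query id -> peers still tracked (role of L4113)
    observed: list = field(default_factory=list)   # identities this client saw as requester


class RelayNetwork:
    def __init__(self):
        self.clients = {}
        self.log = []  # (sender, receiver, message) for every reply sent

    def add(self, name, resources=()):
        self.clients[name] = Client(name, resources=set(resources))

    def trust(self, a, b):
        # Assumption: an accepted relationship is usable in both directions.
        self.clients[a].trusted.append(b)
        self.clients[b].trusted.append(a)

    def query(self, initiator, query_id, term, n):
        """Return the direct contacts that reported an answer to the initiator."""
        me = self.clients[initiator]
        me.requester[query_id] = None         # the initiator has no upstream
        me.asked[query_id] = set(me.trusted)  # tracking list of contacts asked
        for peer in me.trusted:
            if self._receive(peer, initiator, query_id, term, n) == FAILURE:
                me.asked[query_id].discard(peer)  # drop the entry on M4130
        return sorted(me.asked[query_id])

    def _receive(self, name, sender, query_id, term, n):
        node = self.clients[name]
        if query_id in node.requester:
            # Assumption: a query id already handled is refused, which stops loops.
            return self._reply(name, sender, FAILURE)
        node.requester[query_id] = sender  # remember only the immediate requester
        node.observed.append(sender)
        node.asked[query_id] = set()
        n -= 1                             # decrease N by 1
        if n >= 0:                         # N not less than 0: forward under own identity
            for peer in node.trusted:
                if peer == sender:
                    continue
                node.asked[query_id].add(peer)
                if self._receive(peer, name, query_id, term, n) == FAILURE:
                    node.asked[query_id].discard(peer)
        # Local search, then answer the recorded requester and nobody else.
        found = term in node.resources or bool(node.asked[query_id])
        return self._reply(name, node.requester[query_id], SUCCESS if found else FAILURE)

    def _reply(self, sender, receiver, message):
        self.log.append((sender, receiver, message))
        return message


def build_demo():
    """Constructed topology: A-Z-Z1-Z2-Z3, plus A-B, Z-Zn and an unrelated D."""
    net = RelayNetwork()
    for name in ("A", "B", "D", "Z", "Zn", "Z1", "Z2"):
        net.add(name)
    net.add("Z3", resources={"report.pdf"})  # constructed resource name
    for a, b in (("A", "Z"), ("A", "B"), ("Z", "Z1"), ("Z", "Zn"),
                 ("Z1", "Z2"), ("Z2", "Z3")):
        net.trust(a, b)
    return net


if __name__ == "__main__":
    net = build_demo()
    print(net.query("A", "Q1", "report.pdf", 3))
    print([c.name for c in net.clients.values() if "A" in c.observed])
```

Each client's `observed` list is the audit point: a forwarding bug that leaks the initiator further down the chain shows up there as an "A" entry on a client other than Z or B.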

Searching Through Location Server 4300-4399

The search process can also be carried out through the use of a search service that can be a part of the trusted servers. The search service in this case will be used to generate the list of users that need to be contacted, contact each user with the query, summarize the response and send this response back to the originator of the query. The process details for searching through the location server are summarized in steps 4300-4399. The process diagram is given in FIG. 19 and a flow chart is given in FIG. 20. In step 4300, User A 1 sends a message (M4300) containing a search query and the degree of separation (N) to the trusted servers 3. Again, the search query can be, but is not limited to, a text string, file descriptors, commands or instructions. In step 4305, the search service 20 on the trusted servers 3 receives a message M4300. The search service 20 then generates a list (L4305) of all the trusted clients that can be reached by User A 1 based on N. In step 4310, the search service queries the location server for the connection point for each of the trusted users on list L4305. Then, in step 4315, the search server 20 contacts each of the trusted users on list L4305 2, 7, 9, 12, 13, 14 and sends them a query based on message M4500. In step 4317, the software clients of the users on list L4305 receive the query and search the local machine. If the query is successful, the software client sends back a message to the trusted servers 3. This message includes at the minimum the answer to the query. In step 4320, the search service waits for a set condition to make sure that all contacted users have an opportunity to reply. In step 4325, the search service summarizes the results, which include at the minimum the answer to the query. In step 4330, the search service sends the results back to User A 1.

Services and Applications over the Trusted Network (5000-5599)

There are three ways in which actions and applications can be carried out over the trusted network. The three ways are:

- Direct connection
- Connection through a trusted proxy
- Delivery through relays

Examples of actions and applications are:

- Electronic resource sharing
- Communication
- Data exchange
- Service sharing

The implementation details will be described in the following sections. More specific examples of actions and applications are described in the embodiments of this patent.

Direct Connections (5000-5200)

Direct connections can be established through the Login process (0500-0599). Through the Searching process (4000-4999) a user can be connected directly to another trusted user on the network. In this case, any actions and applications can be carried out directly between the two users. FIG. 21 is a process diagram illustrating this connection and FIG. 22 is the corresponding flow chart detailing the steps required in this process. In FIG. 21, User A 1 is directly connected to User Z 7 and therefore can exchange services. With reference to FIG. 22, the details of the process are described as follows. In step 5002, User A 1 establishes a link with User Z 7 based on information supplied by trusted servers 3. Users A 1 and Z 7 must be within the same network and have defined N such that they both fall within N for each other. In step 5005, a session is established that connects the two users. In step 5010, User A 1 defines an end condition and starts a count for the end condition. The end condition can be a time for the connection to last or be defined by the time to complete a file transfer, etc. In step 5012, User A 1 sends a request to User Z 7. In step 5015, the software client on User Z's 7 computing device performs the action requested by User A 1. In step 5017, User Z 7 sends a response back to User A 1. In step 5020, if there is an interruption, such as a sudden disconnection caused by a power failure, the software client on User A 1's computing device, in step 5025, creates a set point, which can be used to restart action on reconnection. In step 5030, the software client of User Z 7 continues the action requested by User A 1 until the end point is reached. In step 5200, the end condition is satisfied and the session is ended.

Connection Through a Trusted Proxy (5200-5399)

In some cases, direct connections cannot be established between trusted users on the network due to the presence of a firewall or other protective measures available on a network. In this case, the user must first request a connection to a trusted proxy server before connecting to the other user. A proxy is a service that allows clients to make indirect network connections to other users. A User connects to the proxy server, and then requests a connection, file, or other resource available on another trusted user. The proxy provides the resource, possibly by connecting to the specified user, or by serving it from a cache. FIG. 23 is a process diagram illustrating this connection through a trusted proxy and FIG. 24 is the corresponding flow chart detailing the steps required. In FIG. 23, User A 1, who is behind a firewall 40, first connects to a proxy 30 and then requests a connection to User Z 7. The trusted servers 3 then direct User Z 7 to the appropriate proxy 30. The actions or operations can then be carried out through the proxy 30. The details of the process are described as follows. In step 5201, User A 1 performs a search as described in process 4000-4999 and receives the information that User Z 7 has the required service. In step 5202, User A 1 requests a proxy connection from the trusted servers 3 because User A 1 and User Z 7 cannot connect directly. In this example, a proxy 30 is a service that allows the software client to make indirect network connections to other users. User A 1 and User Z 7 must be related by N degree of separation. In step 5205, a session is established that connects the two users through the proxy 30. In step 5210, an end condition for the length of the session is defined. In step 5215, the requested action is performed by User Z 7 through the proxy 30. In step 5217, User Z 7 sends a response back to User A 1 via the proxy 30. Step 5220 governs the possibility of an interruption in the connection between Users A 1 and Z 7. If an interruption occurs, in step 5225 the software client of the initiator of the connection, in this case User A 1, creates a set point which can be used to restart action on reconnection. In step 5230, the action is continued until the end condition is satisfied. In step 5399, the end condition is satisfied and the session is ended.

Delivery Through Relay (5400-5599)

In some cases, the user wants to remain known only to those the User trusts (i.e. users that are directly related to them, i.e. N=0). Services and actions can still be delivered through a series of relays if the initial search and discovery for the services and action is performed using the search with some degree of privacy option (4100-4250). In that case, the application or service can be delivered based on the path developed by the search. The process diagram is given in FIG. 25 and a flow chart is given in FIG. 26. In FIG. 25, User Z3 14 has the service requested by User A 1. In order to deliver the service without knowing that User A 1 requests the service, User Z3 14 performs the service and delivers the result to the trusted User Z2 13. Z2 13 in turn delivers the result back to User Z1 12, and Z1 12 delivers it back to Z 7. Z 7 finally fulfils the request of User A 1. Based on this scenario, User A 1 only knows that those immediately related to him, that is, User Z 7, have responded to the request. User A 1 does not need to know that User Z3 14 is the one that actually fulfils the request. The connection between any users can be a direct connection, in which case the process details are described in steps 5000-5199, or a connection via a proxy, in which case the process details are described in steps 5200-5399.

A detailed description of service delivery through relays is as follows. In step 5402, User A 1 performs a search as defined in steps 4100-4250 on the network. However, in this case the subject of the search requires a degree of privacy. In step 5410, User A 1 requests a service based on the results of the search. In step 5420, the service request is passed to each user in the connection path between the initiator and the User that has the resources being requested. The identity of the originator of the search is only known to the first user in the connection path with whom User A 1 has an N of 0, in this case User Z 7. In step 5430, the service request reaches the User that has the resources, in this example, Z3 14. In step 5500, Z3 14 executes the service request and delivers the result back to the next User in the connection path, who relays it to the next User, etc., until it reaches the originator, User A 1. The delivery of the result can be via a direct connection as described in steps 5000-5199 above or through a proxy connection as described in steps 5200-5399 above. In step 5550, the initiator of the query, User A 1, receives the results from User Z 7.

Remote Access and Control of the Client (6000-6099)

The services of the software client on a computing device can be accessed remotely if the proper communication, authentication and identification processes are built into the software client. The process diagram for remote access is given in FIG. 27 and the corresponding flowchart is given in FIG. 28. In FIG. 27, User A 1 remotely establishes a communication channel 4 with his software client 6, for example via an http connection, and undergoes an identification and authentication process. Once authorized, User A 1 can then control the local services such as searching and service requests remotely. In step 6000, User A 1 establishes a link through a communications means 4 with the software client 6 from an external system 2 and establishes a communication session. In this case, communication means 2 is defined as a connection that allows for a transfer of information, for example, an http session using TCP/IP as the transport protocol. In step 6005, the software client 6 provides an authentication and identification process for the remote User A 1. In step 6010, the software client 6 reviews the identifying data provided by the remote User A 1. At this point, either, in step 6020, authentication fails and the remote request will not be considered, or, in step 6030, the authentication succeeds and the remote request can continue until the session is terminated. In effect, the external system 2 can issue commands and receive replies through the communication link to the software client. In step 6099, User A 1 terminates the remote link and ends remote access.

The proposed network is not limited to the sharing of electronic resources such as electronic files but creates new work processes for the user. The following are provided for exemplification purposes only and are not intended to limit the scope of the invention described in broad terms above. All references cited in this disclosure are incorporated herein by reference. Each example applies the main claims of the patent, which are:

- Authentication and authorization from trusted servers
- Obtain service from a trusted entity
- Establishing a user-to-user connection
- Connecting within a defined social network

to solve a specific problem.

Example 1 Sharing on a Trusted Social Network

The basic principle covered by this patent is the ability to create a secure and trusted user-to-user network so that users of this network can connect, communicate and transfer information or objects. There are no limitations to the type of objects and, as an example, we describe in detail the transfer of generic files, digital photographs and digital videos over this network. In the last example, we describe the situation where the local client is controlled remotely and the same functions on the local clients can be activated.

Example 1A File Sharing on a Trusted Social Network

This example describes the process of file sharing on a trusted social network. FIG. 29 is a schematic illustrating an example of file transfer through a trusted social network. The detailed implementation is covered by the claims of this patent. FIG. 29 illustrates the following steps:

1. Authentication and Authorization: User A 1 has a list of files (File A-1 60) on a shared folder. User A 1 must first be identified and receive authorization from the trusted servers 3 in order to access the network.
2. Trusted user of User A 1 can access File A-1: A trusted user for A, in this case User B 9, who is already authorized to be on the system, can now access File A-1 60.
3. Socially related users can access: Any connected user that is related to User A 1 or User B 9, in this case B_n 70 (n representing the degree of separation from User B 9), can also access File A-1 60 depending on the permission first declared by User A 1. For example, A 1 can limit the degree of separation (n) for which the file can be accessed.
4. Non socially related users cannot access: Users on the network that do not have a social connection to A or B, in this case User X 90, cannot have access to File A-1.

This example assumes that all users are connected to the Internet without limits on network access such as firewalls. The use of proxies on trusted servers is necessary when there are limits to network access. This scenario is discussed more fully elsewhere in the body of the patent.
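The access rule in steps 2 to 4 above depends on the relationship records created in process 0400-0499, so the two are shown together here as an added example that is not part of the patent. The class, the method names, the reply window value and the user names B1, B2 and Y are assumptions; a directly trusted user is counted as degree of separation 0, as the text does elsewhere, and the distance is measured from the file owner.

```python
from collections import deque

PENDING, ACCEPTED, REFUSED = "pending", "accepted", "refused"


class TrustRegistry:
    """Relationship records as the trusted servers 3 might hold them (assumed design)."""

    def __init__(self, reply_window=86400):
        self.reply_window = reply_window  # assumed value for the "set time" of steps 0426A to E
        self.links = {}  # frozenset({a, b}) -> [state, recipient, requested_at]

    def request(self, sender, recipient, now):
        """Step 0402: sender defines recipient as a trusted user."""
        if sender == recipient:
            raise ValueError("a user cannot link to themselves")
        self.links[frozenset((sender, recipient))] = [PENDING, recipient, now]

    def respond(self, user, other, accept, now):
        """Steps 0422/0424: only the user the request was sent to may answer it."""
        link = self.links.get(frozenset((user, other)))
        if link is None or link[1] != user:
            raise PermissionError("no request addressed to this user")
        self.expire(now)
        if link[0] == PENDING:
            link[0] = ACCEPTED if accept else REFUSED
        return link[0]

    def expire(self, now):
        """Steps 0426A to E: an ignored request is treated as refused after a set time."""
        for link in self.links.values():
            if link[0] == PENDING and now - link[2] > self.reply_window:
                link[0] = REFUSED

    def trusted_users(self, user):
        """Peers whose relationship with user has been accepted."""
        return [next(iter(pair - {user})) for pair, link in self.links.items()
                if user in pair and link[0] == ACCEPTED]

    def separation(self, owner, requester):
        """Breadth-first distance over accepted links; direct trust is 0."""
        depth = {owner: -1}
        queue = deque([owner])
        while queue:
            current = queue.popleft()
            for peer in self.trusted_users(current):
                if peer not in depth:
                    depth[peer] = depth[current] + 1
                    if peer == requester:
                        return depth[peer]
                    queue.append(peer)
        return None  # no social connection at all

    def may_access(self, owner, requester, max_n, now):
        """Owner's rule: allow requesters within max_n degrees of separation."""
        self.expire(now)
        if requester == owner:
            return True
        sep = self.separation(owner, requester)
        return sep is not None and sep <= max_n


def build_example():
    """Constructed records: A-B, B-B1, B1-B2 accepted; A's request to X is ignored."""
    reg = TrustRegistry(reply_window=100)
    for sender, recipient in (("A", "B"), ("B", "B1"), ("B1", "B2")):
        reg.request(sender, recipient, now=0)
        reg.respond(recipient, sender, accept=True, now=10)
    reg.request("A", "X", now=0)
    return reg


if __name__ == "__main__":
    reg = build_example()
    for user in ("B", "B1", "B2", "X"):
        print(user, reg.may_access("A", user, max_n=1, now=20))
```

Evaluating the rule against server-held, accepted links means a pending or refused request never widens access, and a requester cannot shorten their own distance by claiming a relationship the other side has not confirmed.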

Example 1B Photo Sharing on a Trusted Social Network

This example describes the process of sharing digital photographs on a trusted social network. Digital photographs are a specific example of file transfer that involves file sizes ranging from kilobytes to megabytes depending on the size of the photo, its resolution and the format of the digital file. FIG. 30 is a schematic illustrating an example of sharing a photograph through a trusted social network. The detailed implementation is covered by the claims of this patent. FIG. 30 illustrates the following steps:

1. Authentication and Authorization: User A 1 has a digital photograph file 80 on a computing device connected to the network. User A 1 must first be identified and receive authorization from the trusted servers 3 in order to access the network.
2. Trusted user of User A 1 can access: A trusted user to A 1, in this case User B 9, who is already authorized to be on the system, can now access the photograph 80.
3. Socially related users can access: Any connected user that is related to User A 1 or User B 9, in this case B_n 70 (n representing the degree of separation from User B 9), can also access the photo depending on the permission first declared by User A 1. For example, A 1 can limit the degree of separation (n) for which the photograph 80 can be accessed.
4. Non socially related users cannot access: Users on the network that do not have a social connection to A 1 or B 7, in this case User X 90, cannot have access to the photograph 80.

This example assumes that all users are connected to the Internet without limits on network access such as firewalls. The use of proxies on trusted servers is necessary when there are limits to network access. This scenario is discussed more fully elsewhere in the body of the patent.

Example 1C Video Sharing on a Trusted Social Network

This example describes the process of sharing digital videos on atrusted social network. Digital videos are a specific example of richmedia file transfers that involves extremely large files ranging frommegabytes to gigabytes in size. FIG. 31 is a schematic illustrating anexample of sharing a digital video through a trusted social network. Thedetail implementation is covered by the claims of this patent. FIG. 31illustrates the following steps:

-   -   1. Authentication and Authorization User A 1 has a digital video        file on a shared folder. User A 1 must first be identified and        receive authorization from the trusted servers 3 in order to        access the network.    -   2. Trusted user of User A 1 can access A trusted user for A 1,        in this case User B 9, who is already authorized to be on the        system can now access the video 120.    -   3. Socially related users can access Any connected user that are        related to User A 1 or User B 9, in this case, B_(n) 70 (_(n)        representing the degree of separation from User B 9) can also        access the video 120 depending on the permission first declared        by User A 1. For example, A 1 can limit the degree of        separation (n) for which the video can be accessed.    -   4. Not socially related users cannot access Users on the network        that do not have a social connection to A for B 9, in this case        User X 90, cannot have access to video 120.

This example assumes that all users are connected to the Internet without limits on network access such as firewalls. The use of proxies on trusted servers is necessary when there are limits to network access. This scenario is discussed more fully elsewhere in the body of the patent.

Example 1D Remote Access and File Sharing on a Trusted Social Network

This example describes the process of remote access of the client to share digital videos on a trusted social network. The process by which a user can access the system remotely is discussed elsewhere in the body of the patent. Once the system authorizes the remote access, the user can then carry out all the activities that are permitted on the network. FIG. 31 describes the sharing of digital videos through a remote access. The following steps are illustrated:

1. Authentication and authorization for remote client. User A 1 must first establish a communication channel between the remote device 2 (i.e. a computer, a PDA, or a cell phone) and the software client 6. The software client 6 will issue a challenge and User A 1 must then complete the logon steps to gain access to the software client. Once the logon process is successful, User A 1 can then issue commands to the software client through the remote device 2.
2. Authentication and Authorization. User A 1 starts and completes the logon process for the software client 6 and the trusted servers 3. User A 1 has a digital video file 120 on a shared folder.
3. Trusted user of User A 1 can access. A trusted user for A 1, in this case User B 9, who is already authorized to be on the system can now access the video 120.
4. Socially related users can access. Any connected user that is related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also access the video depending on the permission first declared by User A 1. For example, A 1 can limit the degree of separation (n) for which the video 120 can be accessed.
5. Not socially related users cannot access. Users on the network that do not have a social connection to A 1 or B 9, in this case User X 90, cannot have access to video.

This example assumes that all users are connected to the Internet without limits on network access such as firewalls. The use of proxies on trusted servers is necessary when there are limits to network access. This scenario is discussed more fully elsewhere in the body of the patent.
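
The access rule that Examples 1B to 1D walk through (authenticate first, then admit trusted users and socially related users out to the degree of separation n declared by User A, and refuse unrelated users such as User X) can be sketched as below. This is an added illustration, not code from the patent; the class and method names, the mutual-trust graph and the user labels are assumptions, and n is counted as in the text, with a directly trusted user at n = 0.

```python
from collections import deque


class TrustedServers:
    """Hypothetical stand-in for the trusted servers 3 (names are assumptions)."""

    def __init__(self):
        self.trusted = {}       # user -> set of directly trusted users
        self.logged_in = set()  # users who completed authentication
        self.shares = {}        # resource -> (owner, max_n declared by owner)

    def add_trust(self, a, b):
        # Assumption: a trust relationship is mutual once established.
        self.trusted.setdefault(a, set()).add(b)
        self.trusted.setdefault(b, set()).add(a)

    def login(self, user):
        self.logged_in.add(user)

    def share(self, owner, resource, max_n):
        # The owner must be authenticated before anything can be shared.
        if owner not in self.logged_in:
            raise PermissionError("owner must authenticate before sharing")
        self.shares[resource] = (owner, max_n)

    def hops(self, src, dst, max_hops):
        """Shortest number of trust links from src to dst, or None if the
        target is not reachable within max_hops links."""
        if src == dst:
            return 0
        seen = {src}
        queue = deque([(src, 0)])
        while queue:
            user, dist = queue.popleft()
            if dist == max_hops:
                continue  # do not search past the owner's declared limit
            for nxt in self.trusted.get(user, ()):
                if nxt == dst:
                    return dist + 1
                if nxt not in seen:
                    seen.add(nxt)
                    queue.append((nxt, dist + 1))
        return None

    def can_access(self, requester, resource):
        """Return (allowed, reason) for one access request."""
        if requester not in self.logged_in:
            return False, "not authenticated"
        if resource not in self.shares:
            return False, "unknown resource"
        owner, max_n = self.shares[resource]
        if requester == owner:
            return True, "owner"
        # A directly trusted user is 1 link from the owner, i.e. n = 0.
        links = self.hops(owner, requester, max_n + 1)
        if links is None:
            return False, "no trust path within limit"
        return True, f"n={links - 1}"


def demo():
    """Constructed sample: A trusts B, B trusts B1, B1 trusts B2; X is unrelated."""
    srv = TrustedServers()
    for a, b in [("A", "B"), ("B", "B1"), ("B1", "B2")]:
        srv.add_trust(a, b)
    for user in ("A", "B", "B1", "B2", "X"):
        srv.login(user)
    srv.share("A", "photo-80", max_n=1)  # A limits access to n <= 1
    users = ("A", "B", "B1", "B2", "X")
    return srv, {u: srv.can_access(u, "photo-80") for u in users}


if __name__ == "__main__":
    for user, decision in demo()[1].items():
        print(user, decision)
```

The search stops at the owner's limit, so a user who is connected but too far away and a user with no connection at all receive the same refusal.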

Example 2 An Electronic Market on a Trusted Social Network

This patent can also be used to set up an electronic marketplace for digital goods. Such markets are created when the system can assign an explicit value to the transactions between users on their trusted social network. Markets differ in the information being tracked when an item is transferred between two users. For markets based on transactions, the system automatically assigns value based on the interaction between two socially related users. For markets based on transfer of digital rights, an additional service, known as a digital rights manager, is required to track the legitimate ownership of a particular piece of content. A natural extension of this concept is in the transfer of non-digital goods. The following systems are not mutually exclusive and can be used in conjunction with each other.

Example 2A Market Based on Transactions

FIG. 33 is an example of an electronic market built on a trusted social network. In this case, the main components of this electronic market are:

1. Authentication and Authorization. User A 1 has an item 130 on a shared folder. User A 1 must first be identified and receive authorization from trusted servers 3 to access the network.
2. Trusted user of User A 1 requests and obtains item. A trusted user, for example User B 9, who is already authorized to be on the system and is defined by User A 1 to be a trusted user, can now obtain the item 130 from User A 1. This transaction is recorded in an accounting service 140 on the local machine for both users 1 and 9.
3. Socially related users access. Any connected user that is related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also obtain the item 130 depending on the permission first set up by User A 1 and subsequently, all the other related users. This transaction is also recorded in an accounting service 140 on the local machine.
4. Transaction information. For each user, the local accounting service reports the transaction information to the Accounting Server 150 on the trusted servers 3. The Accounting Server 150 can then assign values to each transaction. Examples of transaction information include, but are not limited to, file type, file size, speed of transfer, value of transfer, user satisfaction. Examples of assigned values for transactions include, but are not limited to, cash or system credits.

An electronic market is thereby created which assigns value to an activity over the network.

Example 2B Market Based on Transfer of Digital Rights

FIG. 34 illustrates an electronic market built on a trusted social network based on the transfer of digital rights. In this case, the system requires the addition of a DRM (Digital Rights Management) server, to manage the rules and regulations governing the ownership of the object. The main components of this system are:

1. Authentication and Authorization. User A 1 is the digital rights holder of an item (such as a digital music file protected by copyright) 120 on a shared folder. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
2. Initial DRM information. User A 1 sends the Digital Rights Management (DRM) 165 information to the DRM server 160.
3. Trusted user of User A 1 can request and obtain item. A trusted user, defined as User B 9, who is already authorized to be on the system can now obtain the item 120 from User A 1.
4. Socially related users can access. Any connected users that are related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also obtain the item 120 depending on the permission first set up by User A 1 and subsequently, all the other related users. The digital rights information is sent to the local digital rights manager installed on the local system 170.
5. Digital rights information. For each user, the local accounting service 140 reports the digital rights information to the DRM Server 160 on the trusted servers 3. The DRM Server 160 can then assign the appropriate access rules and regulation governing the use of the item as defined by the digital rights owner 1.

The addition of a DRM server can therefore effectively enforce copyrights in digital files in a flexible and effective manner throughout the network. The social element of this network provides an additional level of security and enforcement for transactions involving digital rights.

Example 2C Extension of Electronic Market to Identifiable Non-Digital Goods

An electronic market built on a trusted social network as described in this patent can also be used for the trading of non-digital goods. This embodiment describes the use of the electronic market to exchange non-digital goods. Additional requirements to implement this example are the availability of a unique identifier for the object of interest and a Rights Management (RM) server. Examples of unique identifiers include but are not limited to the following: manufacturer's serial numbers, Radio Frequency Identification (RFID) tags and/or Universal Product Code (UPC). The RM server will manage the rules and regulations governing the ownership of the object. FIG. 35 illustrates an electronic market built on a trusted social network based on the availability of unique identifiers for an object. The main components of this system are:

1. Authentication and Authorization. User A 1 is the owner of an item 120 that can be identified uniquely with a tag. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
2. Owner's rights information. User A 1 sends the unique identifier and ownership information 165 to the Rights Management (RM) server 160.
3. Trusted user of User A 1 can access. A trusted user, defined as User B 9, who is already authorized to be on the system can now request the item from User A 1.
4. Socially related users can access. Any connected users that are related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also obtain the item 120 depending on the permission first set up by User A 1 and subsequently, all the other related users.
5. Delivery of Item. In this example, User A 1 accepts the request of User Bn 70 and delivers the item 120 together with its unique identifier 165. The item 120 can be delivered by an external process, for example: mail, courier service or direct delivery.
6. New owner's rights information. Once User B_n 70 receives the item, rights information is sent back to RM server 160 to conclude the transaction.

The addition of a RM server can therefore effectively enforce ownership in a flexible and effective manner throughout the network. The social element of this network provides an additional level of security and enforcement for transactions involving non-digital goods.

Example 3 Electronic Auction Through a Trusted Social Network

The trusted social network as outlined in this patent can also be used as the basis for different types of auctions.

Example 3A Normal Auctions on a Trusted Social Network

In a normal auction there is a single seller and many potential buyers bidding for the item being sold. On a trusted social network as described in this patent, the buyers are limited to the extended social network of the seller. FIG. 36 is an example of an electronic auction where a user, defined as A, initiates and carries out an auction through this trusted social network.

1. Authentication and Authorization. User A 1 is the owner of an item 120 for auction on the network. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
2. Starts auction process. User A 1 initiates the auction process by sending the appropriate information to an Auction server.
3. Trusted user Bidding. A trusted user, defined as User B 9, who is already authorized to be on the system can now obtain the auction information concerning the item 120 from the auction server 160. Any other users that are related to A 1 or B 9 can also access this information through defined social relations.
4. Auction information sent to auction server. Any connected users that are related to User A 1 or User B 9 can bid on the item 120 by contacting the auction server 160. The auction server can enforce such rules as
   - Time limit for auction
   - Price limit for item
   - Volume discounts
   - Exclusions (for example, based on location, reputation, etc.)
   The auction server 160 maintains control of the auction process until the auction is finished.
5. Winning bid. The auction server notifies both User A 1 and the winner of the result of the winning bid. In this case, User B_n 70 has the winning bid.
6. Delivery of item. The owner of the item, User A 1, can then deliver the item to the winner, User B_n 70. At the minimum, verification of transaction is done via the trusted servers 3.

The novelty of this embodiment is that the entire auction process is carried out on a trusted social network.

Example 3B Reverse Auctions on a Trusted Social Network

The auction system can also support reverse auctions. In a reverse auction there is one buyer and many sellers. The general idea is that the buyer specifies what they want to purchase and offers it to many suppliers. Normally, each buyer must be qualified to ensure that the winner is suitable for the buyer. As a result this type of process will usually produce the lowest possible price when all sellers are of equal quality. Qualification is implicitly defined in a social network since access to the network is by invitation only. Therefore, this type of network is suitable for carrying out reverse auctions. An example of a reverse auction is shown in FIG. 37. A description of the main elements in this process is as follows:

1. Authentication and Authorization. User A 1 has a request for an item 120 that might be on the network. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
2. Starts auction process. User A 1 initiates the auction process by sending the appropriate information to an auction server 160 requesting the item.
3. Trusted user Bidding. A trusted user, defined as User B 9, who is already authorized to be on the system can now obtain the auction information concerning the request from the auction server 160. Any other users that are related to A 1 or B 9 can also access this information through defined social relations.
4. Auction information sent to auction server. Any connected users that are related to User A 1 or User B 9 can bid to satisfy the demands of User A 1 by contacting the auction server 160. The auction server can enforce such rules as
   - Time limit for auction
   - Price for item
   - Volume discounts
   - Acceptance (for example, based on location, reputation, etc.)
   The auction server 160 maintains control of the auction process until the auction is finished.
5. Winning bid. The auction server notifies both User A 1 and the winner of the result of the winning bid. In this case, User Bn 70 has the winning bid.
6. Delivery of item. The owner of the item, User Bn 70, can then deliver the item 120 to the requesting user, User A 1. At the minimum, verification of transaction is done via the trusted servers 3.
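
The rule enforcement described for the auction server in Examples 3A and 3B can be sketched as follows. This is an added illustration, not code from the patent: the class and field names, the reading of the price limit as a floor in a normal auction and a ceiling in a reverse auction, the earliest-bid tie-break, and the set of socially related users supplied by the trusted servers are all assumptions.

```python
from dataclasses import dataclass, field


@dataclass
class Bid:
    bidder: str
    amount: float
    at: int          # seconds since the auction opened (constructed values)
    location: str


@dataclass
class AuctionServer:
    """Hypothetical auction server 160; all names here are assumptions."""
    initiator: str       # seller (normal auction) or buyer (reverse auction)
    network: set         # users socially related to the initiator
    closes_at: int       # time limit, in seconds since opening
    price_limit: float   # floor (normal) or ceiling (reverse)
    excluded_locations: set = field(default_factory=set)
    reverse: bool = False
    accepted: list = field(default_factory=list)
    rejected: list = field(default_factory=list)

    def submit(self, bid, authenticated):
        """Return 'accepted' or the reason the bid was refused."""
        if bid.bidder not in authenticated:
            reason = "not authenticated"
        elif bid.bidder == self.initiator or bid.bidder not in self.network:
            reason = "outside initiator's social network"
        elif bid.at >= self.closes_at:
            reason = "auction closed"
        elif bid.location in self.excluded_locations:
            reason = "excluded location"
        elif (bid.amount > self.price_limit if self.reverse
              else bid.amount < self.price_limit):
            reason = "violates price limit"
        else:
            self.accepted.append(bid)
            return "accepted"
        # Keep refused bids so the decision can be audited later.
        self.rejected.append((bid, reason))
        return reason

    def winner(self, now):
        """Winning bid once the time limit has passed, otherwise None."""
        if now < self.closes_at or not self.accepted:
            return None
        if self.reverse:
            # Reverse auction: lowest offer wins, earliest first on a tie.
            return min(self.accepted, key=lambda b: (b.amount, b.at))
        # Normal auction: highest bid wins, earliest first on a tie.
        return min(self.accepted, key=lambda b: (-b.amount, b.at))


def run_sample(reverse=False):
    """Constructed sample: A initiates; B, B2, B3 are related; X is not."""
    authenticated = {"A", "B", "B2", "B3", "X"}
    server = AuctionServer(
        initiator="A",
        network={"B", "B2", "B3"},
        closes_at=100,
        price_limit=40,
        excluded_locations={"ZZ"},
        reverse=reverse,
    )
    bids = [
        Bid("B", 50, 10, "CA"),
        Bid("X", 500, 15, "CA"),   # not socially related to A
        Bid("B2", 80, 20, "CA"),
        Bid("B3", 90, 30, "ZZ"),   # excluded location
        Bid("B3", 30, 40, "CA"),
        Bid("B", 95, 120, "CA"),   # arrives after the time limit
    ]
    results = [server.submit(b, authenticated) for b in bids]
    return server, results


if __name__ == "__main__":
    srv, outcome = run_sample()
    print(outcome, srv.winner(now=100))
```

Because the server holds the accepted and rejected lists until the time limit passes, neither the initiator nor a bidder can learn the winner early or admit a bid from outside the initiator's network.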

Example 4 Other Types of Communications Through a Trusted Social Network

The network as outlined in this patent represents a platform that can support a myriad of communication services. Example 4 lists various communication services that can be implemented on a trusted social network.

Example 4A Instant Messaging (IM)

Instant messaging (IM) is an exchange of text-based messages over the Internet between two or more people who must all be online at the same time. FIG. 38 is an illustration of how an IM service can be implemented on the network covered in this patent. The process includes:

1. Authentication and Authorization. User A 1 wants to communicate with a trusted user. User A 1 logs in to the system and undergoes a process of authentication and authorization.
2. IM process (direct). Once on the network, User A 1 can communicate with those trusted users that are also on the network, in this case, User B 9. User A 1 can also contact anyone that is socially related to the User B 9, for example, User Bn 70, depending on their mutual preference settings.
3. IM through proxy. In some cases, Users are behind firewalls or other security devices and cannot be connected directly. In such cases, the IM service is available through the IM server 160 on the trusted servers 3.

The novelty of this embodiment is that an IM process is carried out on a trusted social network.

Example 4B Voice Over Internet Protocol (VOIP)

Voice over Internet Protocol is a technology for transmitting ordinary telephone calls over the Internet using packet-linked routes. FIG. 39 is an illustration of how a VOIP service can be implemented on the network covered in this patent. The process includes:

1. Authentication and Authorization. User A 1 wants to communicate with a trusted user via VOIP. The user logs in to the system and undergoes a process of authentication and authorization.
2. VOIP process (direct). Once on the network, User A 1 can communicate using VOIP with those trusted users that are also on the network, in this case, User B 9. User A 1 can also contact anyone that is socially related to the User B 9, for example, User Bn 70, depending on their mutual preference settings.
3. VOIP through proxy. When Users are behind firewalls or other security devices and cannot be connected directly, the VOIP service is available through the VOIP server 160 on the trusted servers 3.
4. VOIP to POTS. This service can be extended to include traditional telephony (POTS) systems 170. In this case, User C 11 must have some unique identifier (for example, telephone number, password) 165 that allows the user to access the network and be contacted by trusted users. VOIP communication from User A 1 to User C 11 is through the VOIP server 160.

The novelty of this embodiment is that a VOIP process is carried out on a trusted social network.

Example 4C Interactive or Streaming Video

Interactive or streaming video is a technology for video communication using the Internet. FIG. 40 is an illustration of how an interactive video service can be implemented on the network covered in this patent. The process includes:

1. Authentication and Authorization. User A 1 wants to communicate with a trusted user via video. User A 1 first logs in to the system and undergoes a process of authentication and authorization.
2. Video (direct). Once on the network, User A 1 can communicate using video streams 180 with those trusted users that are also on the network, in this case, User B 9. User A 1 can also contact anyone that is socially related to the User B 9, for example, User Bn 70, depending on their mutual preference settings.
3. Video through proxy. When Users are behind firewalls or other security devices and cannot be connected directly, the interactive service is available through the Video server 160 on the trusted servers 3.

The novelty of this embodiment is that an interactive process is carried out on a trusted social network.

Example 5 Resource Sharing Through a Trusted Social Network

The application of this patent is not limited to the communication or the transfer of electronic files but can also extend to the sharing or grouping of resources both electronic and non-electronic. The common element in the resource sharing through a social network is the addition of a trusted source that manages the resources. The following are representative examples of resource sharing on this type of network.

Example 5A Electronic Resource Sharing on a Trusted Social Network

This example applies to the sharing of electronic resources available on the local computing device that can include but are not limited to: bandwidth, storage capacity and CPU processing capability. FIG. 41 illustrates an application of resource sharing on the network defined in this patent. Major steps in this process are:

1. Authentication and Authorization. User A 1 has resources 120 to share, in this case, local hard drive space. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
2. User A 1 sends information on resource availability. Once authenticated, User A 1 sends resource information to the resource manager 160 residing with the trusted servers 3.
3. Trusted user can access. A trusted user, for example User B 9, who is already authorized to be on the system and is defined by User A 1 to be a trusted user, obtains information from the resource manager 160. User A 1 and User B 9 can now share their resources 120 accordingly.
4. Socially related users can access. Any connected user that is related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also share their resources 120. The resource manager 160 carries out the organization and management of those resources.
5. Resource information. For each user, the local resource service 190 reports the available resource information to the resource manager 160 on the trusted servers. The resource manager 160 can then allocate resources to each user of the trusted network accordingly.

As a result, resources can be grouped and shared on a trusted network according to the preference of each individual user.

Example 5B Non-Electronic Resource Sharing on a Trusted Social Network with Delivery Through a Trusted Service

The application of this patent is not limited to sharing or grouping of electronic resources but also includes identifiable non-electronic resources. Examples of non-electronic resources include: money, credit and/or information. FIG. 42 illustrates an application of resource sharing on the network defined in this patent for the case of resource delivery by a trusted authority. Major steps in this process are:

1. Authentication and Authorization. User A 1 has a resource 120 to share, in this case, money. User A 1 must first be identified and receive authorization from trusted servers 3 to access the network.
2. User A 1 contributes resource to a central authority. Once authenticated, User A 1 sends the resource (money) 120 to the trusted authority 200 and the information related to the resource to the resource manager 160.
3. Trusted user resource contribution. A trusted user, for example User B 9, who is already authorized to be on the system and is defined by User A 1 to be a trusted user, can contribute to the resource 120 on the trusted authority 200. With each contribution, the corresponding resource information is also sent to the resource manager 160. User A 1 and User B 9 can now share their resources 120 accordingly.
4. Socially related users access request resources. Any connected user that is related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also share and request the resources 120. In this case, the User Bn 70 requests the resource 120 and the resource manager 160 carries out the organization and management of those resources and arranges for the delivery of the resource 120.
5. Resource delivery. The resource manager 160 arranges for the delivery of the resource 120 to User Bn 70 from a trusted authority 200.
6. Resource information. For each user, the local resource service 140 reports and tracks the contribution of each socially related user. The resource server 160 can then allocate resources 120 or provide access privileges to each user of the trusted network accordingly.

As a result, resources can be grouped and shared on a trusted network according to the preference settings for each individual user.

Example 5C Non-Electronic Resource Sharing on a Trusted Social Network—Delivery by a Trusted User

In this example of sharing of non-electronic resources, a trusted social user carries out the delivery of the resource. FIG. 43 is an illustration of this example. Major steps in this process are:

1. Authentication and Authorization. User A 1 has a request for a resource 120, in this case, money. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
2. User A 1 submits a resource request. Once authenticated, User A 1 submits a resource (money) request to the resource manager 160, a trusted authority.
3. Resource query. Resource manager 160 then queries each of the socially connected users to A 1 to find the resource. In this case, User B 9 is queried and the system finds that User B 9 does not have the required resources 120.
4. Request accepted. Any connected user that is related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also reply to the request for the resources. In this case, the User Bn 70 has the resource 120 and the resource manager 160 carries out the organization and management of those resources and arranges for the delivery of the resource 120.
5. Resource delivery. The resource manager 160 closes the request after the delivery of the resource 120 from User Bn 70 to User A 1.

As a result, resources can be grouped and shared on a trusted network according to the preference of each individual user and the delivery of the resources does not have to occur via a trusted intermediate.

Example 5D Information Collaboration and Management on a Trusted Social Network

Information is one particular type of resource that is ideally suited to be accessible and available on a trusted social network. In order for information to be useful and relevant, it must be written and organized for an intended audience. FIG. 44 is an example of information being managed on a trusted social network as defined in this patent. Major steps in this process are:

1. Authentication and Authorization. User A 1 requires updating information 120 that is being stored in a central trusted authority, an editing server 160. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
2. Information contribution. Once authenticated, User A 1 submits the new information 125 to the editing server 160.
3. Trusted User information contribution. A trusted user, User B 9, who is on the network can query the editing server 160 or contribute additional information 125.
4. Socially related user request information. Any connected user that is related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also edit or view the information 120. In this case, the User Bn 70 submits a query to the Editing Server 160.
5. Information is delivered. The editing server 160 responds to the query based on the rules and regulation governing the information 120.
6. Resource information. The editing server 160 is connected to each user of the trusted social network to ensure each user has the appropriate access to the information 120.

As a result, information can be edited, manipulated, grouped and shared on a trusted network according to the preference of each individual user. The uniqueness of this type of collaboration is that social relationships dictate function rather than having a central authority that has to manage user access to resources.

Example 6 Electronic Games on a Trusted Social Network

The application of this patent can be used to play electronic games. Since most games are played between friends, the trusted social network becomes a natural electronic extension of the real world. Examples of games include, but are not limited to, the following: poker, chess, scrabble and on-line multi-player games. FIG. 45 illustrates an application of gaming on the network as defined in this patent. Major components in this process are:

1. Authentication and Authorization. User A 1 wants to play a game 120 with another user. User A 1 must first be identified and receive authorization from trusted servers 3 to access the network.
2. Trusted user access. A trusted user, for example User B 9, who is already authorized to be on the system and is defined by User A 1 to be a trusted user, can then play with User A 1.
3. Playing as a group. Any connected users that are related to User A 1 or User B 9, in this case, B_n 70 (n representing the degree of separation from User B 9) can also play the game 120 as an individual or as a group. A game server 160 can be a central organizer for some types of games.
4. Through a proxy. In cases where a firewall or other form of security separates trusted users, the game server 160 can function as a proxy to establish connection between users.
5. Directly to a game server. For complex games such as those found in on-line multi-player games, authenticated users can connect directly to the game server 160. In this case, the social network relationships are still maintained as each user plays the game.

This example illustrates the reinforcement of social networks on game play.

Example 7 Advertising Through a Trusted Social Network

The application of this patent can be applied to advertising for individual users of the network. FIG. 46 illustrates how the system allows a user to broadcast a message to users that are related socially. The main components are:

1. Authentication and Authorization. User A 1 wants to broadcast a message 120. Examples of the message 120 include but are not limited to: a text message, a URL, a graphic or a multimedia file. User A 1 must first be identified and receive authorization from trusted servers 3 to access the network.
2. Advertising message. User A 1 sends a request to advertise through the social network to the advertising server 160.
3. Trusted user advertisement. Once authorized by the advertising server 160, User A 1 can send a message to a trusted user who is on the network, in this case, User B 9.
4. Socially related user advertisement. Message 120 can also be sent to any user that is socially related to A 1 or B 9, in this case, User Bn 70.
5. Advertising information. Advertising controls, for example, length of display or type of message, are sent to each user. Advertising information, such as duration of the ad, click-through, etc., is sent back to the advertising server.

This example illustrates the ability to create a direct marketing campaign to users of a social group.

Example 8 Example of Industrial Applications

The social network as defined in this patent can also be applied in a business environment. The essential nature of the network does not change but the terminology describing the elements of the network might be modified depending on context. For example, the network in this patent is described as a social network with elements within the network being described as friends related by a degree of separation. In a business setting, the social network is understood to be a collection of business related roles with the relationship being defined by business roles. The following examples illustrate the implementation of this patent in a corporate setting.

Example 8A Multilevel Marketing (MLM)

Multi-level marketing (MLM), also known as network marketing (NM), affiliate marketing, or home based business franchising, is a business model that combines the characteristics of direct marketing and franchising. Typically, individuals enter into an independent contractor relationship with a business entity and act as sellers and agents to recruit others to work for the company. New recruits themselves in turn are encouraged to get others to work for the company. Sellers are compensated based on their sales of a product or service, as well as the sales of those they bring into the business. FIG. 47 is an example of MLM operation on a network as described in this patent. In this example, the network is configured to be the same as an advertising network as described in Example 7 but the roles and responsibilities of each component reflect the needs of a MLM business. The main components are:

-   -   1. Authentication and Authorization: User A 1 represents an agent for an MLM business and wants access to the trusted network. User A 1 must first be identified and receive authorization from trusted servers 3 to access the network.
    -   2. MLM request: Once authenticated, User A 1 can then send a request to the MLM server 160. The MLM server 160 is a trusted entity that controls the rules and regulations specific to this business.
    -   3. First level recruit access: User A 1 can now interact with a trusted user who is on the network, in this case, User B 9. In this context, User B 9 is known as a first level recruit because this user is directly related to User A 1.
    -   4. Downline information: User Bn 70 is lower in the hierarchy relative to User A 1 and B 9 because User Bn 70 was recruited by agents related to User A 1 and B 9 in some way. Because of this relationship, User A 1 has rights to the MLM activities of User Bn 70.
    -   5. MLM activity information: MLM activities 120, for example, sales information and support, are provided via a connection to the MLM server 160. Local MLM software 140 on each User's computing device processes this information. The MLM server 160 can also implement specific business rules based on such factors as the percentage of sales of users, sales volume discounts and limiting the number of users.

This example illustrates how the same network configuration can be applied in the MLM industry.

Example 8B Film Production

Film production is a complex process that requires the efforts of groups of individuals including: editors, sound engineers, cinematographers, etc. The process of movie production can be carried out on a network as described in this patent. FIG. 48 is a summary of a network created to support the production of a film.

-   -   1. Authentication and Authorization: User A 1 has a movie in production. In this case, an electronic copy of the film 120 exists on his local machine. In order to use the network, User A 1 must first be identified and receive authorization from trusted servers 3 to gain access.
    -   2. Film availability: Once authenticated, User A 1 sends film information 120 to the film manager 160 residing within the trusted servers 3.
    -   3. Trusted user access: A trusted user, for example User B 9, who is already authorized to be on the system and is defined by User A 1 to be a trusted user, obtains information from the resource manager 160. User A 1 and User B 9 can now both work on the film 120 accordingly. User B 9 can then delegate responsibilities and access to the film 120 independent from User A 1. This is because the network is built based on the principle that there is trust between User A 1 and User B 9.
    -   4. Process defined users: Any connected user that is related to User A 1 or User B 9, in this case, B_(n) 70 (n representing the degree of separation from User B 9) can also access the film 120. The film manager 160 carries out the organization and management of this resource.
    -   5. Resource information: For each user, the local resource service 140 reports the available resource information to the resource manager 160 on the main trusted servers 3. For example, the film manager 160 can implement version control, so only one copy of a film 120 is in production. The film manager 160 can then allocate resources to each user of the trusted network accordingly.

As a result, resources can be grouped and shared on a trusted network according to the preference of each individual user.

Example 8C Film Festivals

A film festival is a periodic gathering of individuals with a common objective of showcasing films according to a common theme. FIG. 49 illustrates the use of this patent for a film festival in the case of sharing previews for the film festival. The network configuration is based on Example 1, file sharing on the network. In FIG. 49, the main components are:

-   -   1. Authentication and Authorization: User A 1 has a list of films (film A-1) 120 on a shared folder. User A 1 must first be identified and receive authorization from the trusted servers 3. User A 1 could be a user of the film festival or just part of the audience.
    -   2. Trusted user access: A trusted user for A 1, in this case User B 9, who is already authorized to be on the system can now access film A-1 120.
    -   3. Socially related users access: Any connected user that is related to User A 1 or User B 9, in this case, B_(n) 70 (n representing the degree of separation from User B 9) can also access file A-1 depending on the permission first set up by User A 1.
    -   4. Not socially related users: Users on the network that do not have a social connection to A 1, for example, User X 90, cannot have access to film A-1 120.

When a film festival uses this network, they can distribute content over the available bandwidth of each trusted user while taking advantage of the growth opportunities of a social network.
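The access rule in Example 8C (identity check first, then a limit on degree of separation set by the resource owner) can be sketched as follows. This is an added illustration, not code from the patent; the graph edges, the mutual (undirected) treatment of trust and the function names are assumptions.

```python
from collections import deque

# Constructed trust graph for Example 8C. Node names follow the figures;
# the edges, and treating trust as mutual (undirected), are assumptions.
TRUST = {
    "A": {"B"},
    "B": {"A", "B1"},
    "B1": {"B", "B2"},
    "B2": {"B1"},
    "X": {"Y"},
    "Y": {"X"},
}
# Identities verified by trusted servers 3 (constructed; B2 never authenticated).
AUTHENTICATED = {"A", "B", "B1", "X"}

def degrees_from(graph, owner):
    """Breadth-first search: degree of separation from owner to each reachable user."""
    dist, queue = {owner: 0}, deque([owner])
    while queue:
        node = queue.popleft()
        for peer in graph.get(node, ()):
            if peer not in dist:
                dist[peer] = dist[node] + 1
                queue.append(peer)
    return dist

def may_access(graph, owner, requester, max_degree, authenticated):
    """Apply the owner's authorization setting after the identity check."""
    if requester not in authenticated:
        return False  # never identified by the trusted servers
    degree = degrees_from(graph, owner).get(requester)
    # Users with no chain of trust to the owner have no degree at all.
    return degree is not None and degree <= max_degree

def audience(graph, owner, max_degree, authenticated):
    """Everyone the setting currently admits, for reviewing its reach."""
    dist = degrees_from(graph, owner)
    return sorted(u for u, d in dist.items()
                  if u != owner and d <= max_degree and u in authenticated)

if __name__ == "__main__":
    for user in ("B", "B1", "B2", "X"):
        print(user, may_access(TRUST, "A", user, 2, AUTHENTICATED))
    print(audience(TRUST, "A", 2, AUTHENTICATED))
```

Because the check follows links created by other users, a new relationship formed by User B changes who falls within User A's setting; `audience` makes that reach visible before content is shared.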

Example 8D Medical Industry

The contents of this patent can also be used in the medical industry for diagnostics and collaboration. An example of the application of this patent is given in FIG. 50. This application is similar to the process described in Example 5D, Information collaboration and management on a trusted social network. In this case, medical information, for example, test results or medical history, is being shared on the network. Each user can represent a stakeholder in the medical industry, for example, specialists, the patient or the medical technologist. Major steps in this process are:

-   -   1. Authentication and Authorization: User A 1 requires updating information 120 that is being stored in a central trusted authority. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
    -   2. Medical Information contribution: Once authenticated, User A 1 submits the new information to the trusted authority, a manager server 120.
    -   3. Trusted User information contribution: A trusted user, User B 9, who is on the network can query the manager server 160 or contribute additional information 120.
    -   4. Related user request information: Any connected user that is related to User A 1 or User B 9, in this case, B_(n) 70 (n representing the degree of separation from User B 9) can also edit or view the information 120. In this case, the User Bn 70 submits a query to the manager server 160.
    -   5. Information is delivered: The manager server 160 responds to the query based on the rules and regulations governing the use of the information 120.
    -   6. Medical information: The manager server 160 is connected to each user of the trusted social network to ensure each user has the appropriate access to the information.

As a result, information can be edited, manipulated, grouped and shared on a trusted network according to the preference of each individual user. The uniqueness of this type of collaboration is that each trusted user can assign access rights without having to explicitly request permission from any central authority. The role of the central authority is simply to verify the identity of the user.

Example 8F Online Movie and/or Music Store

Movies and music are increasingly available in electronic form. A new type of delivery mechanism and store can be created using this patent. Using Example 2B (an electronic market built on a trusted social network based on the transfer of digital rights) as a model, a movie producer can deliver a movie over a trusted network. In this case, the DRM (Digital Rights Management) server not only manages the rules and regulations governing the ownership of the object but also can enforce payment. The main components of this system are:

-   -   1. Authentication and Authorization: User A 1 is the digital rights holder of a movie 120 on a shared folder. User A 1 must first be identified and receive authorization from the trusted servers 3 to access the network.
    -   2. Initial DRM information: User A 1 sends the Digital Rights Management (DRM) information 165 to the DRM server 160.
    -   3. Trusted user of User A 1 requests and obtains item: A trusted user, defined as User B 9, who is already authorized to be on the system can now obtain the item from User A 1. User A 1 must meet the requirements of the DRM server 160. For example, paying for the digital rights to the movie 120.
    -   4. Socially related users can access: Any connected users that are related to User A 1 or User B 9, in this case, B_(n) 70 (n representing the degree of separation from User B 9) can also obtain the movie 120 depending on the permission first set up by User A 1 and subsequently, all the other related users. The digital rights information 165 is sent to the DRM manager 160 to ensure compliance with the rights and regulations governing the use of the movie 120.
    -   5. Digital rights information: For each user, the local accounting service 140 reports the digital rights information 165 to the DRM manager 160. The DRM manager 160 will assign the appropriate access rules and regulations governing the use of the item as defined by the digital rights owner.

A new type of retail store is created based on the network as described in this patent. Each individual user can act as both consumer and distributor enjoying the benefits of network and efficient distribution.

We claim:
1. A computer implemented method for facilitating games on a network, the method comprising the steps of: establishing unique network identifiers for each user in a plurality of users; establishing authorization settings for each user in the plurality of users according to a criterion, the criterion relating to a degree of separation between a first user and one or more other users, the degree of separation representative of the number of pre-existing relationships of trust which link the first user and the one or more other users; associating a resource of the first user with the unique network identifier of the first user; connecting the plurality of users to one or more gaming servers on the network, wherein the one or more gaming servers facilitate exchange of resources between the plurality of users, and wherein the resources include information relating to a game in which two or more users of the plurality of users are participants; and facilitating transfer of the resource associated with the unique network identifier of the first user to the one or more other users if the criterion relating to the first user and the one or more other users is in accordance with the authorization settings defined by the first user.

2. The method of claim 1, wherein the step of facilitating transfer of the resource associated with the unique network identifier of the first user to the one or more other users further requires a subsequent user accessing the resource associated with the unique network identifier of the first user to the one or more other users to fall within the authorization settings defined by the first user.

3. The method of claim 1, wherein the one or more gaming servers include at least one of a gaming console or a handheld gaming device.

4. The method of claim 1, wherein the one or more gaming servers are implemented by a cloud configuration.

5. The method of claim 1, wherein the one or more gaming servers function as a proxy to establish connection between users.

6. The method of claim 1, wherein the one or more gaming servers manages the interactions between the plurality of users according to pre-set rules.

7. The method of claim 1, wherein the resources can be any of the following: information, data, computer files, software, hard drive space, or processing power.